Aktilot is under active development and does not yet have tagged stable releases.
Security fixes are applied to the main branch only.
Please do not open a public GitHub issue for security vulnerabilities.
Instead, report it privately via GitHub Security Advisories or by emailing [email protected] with:
- A description of the vulnerability and its potential impact
- Steps to reproduce (proof-of-concept code or requests, if applicable)
- The affected version/commit
You should expect an initial response within 5 business days. We'll work with you to confirm the issue, assess severity, and agree on a disclosure timeline before any public announcement.
Aktilot is self-hosted software. Reports about the deployment of a third party's instance (not this codebase) are out of scope. Reports about the application code, Docker images, and default configuration in this repository are in scope.